PHP :: Request #12872 :: User-defined safe

User-defined safe_mode restrictions

Submitted:

2001-08-21 08:56 UTC

Modified:

2002-05-31 07:23 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

hc at saustrup dot net

Assigned:

Status:

Closed

Package:

Feature/Change Request

PHP Version:

4.0.6

OS:

Linux

Private report:

CVE-ID:

None

View Add Comment Developer Edit

[2001-08-21 08:56 UTC] hc at saustrup dot net

I get this warning when using safe_mode:

"Warning: SAFE MODE Restriction in effect. The script whose uid is 503 is not allowed to access ..."

We're currently working several different users (with different UID's) on the same project, but we do share the same GID.
It would be great to introduce more safe_mode file access restriction levels, ie. a "same_group" parameter, allowing different UID's as long as the GID's match.

/HC,
Denmark

PS: "safe_mode_exec_dir" sometimes behaves strangely when there isn't a trailing slash.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-05-30 11:11 UTC] nospam dot hc at saustrup dot net

It appears the GID-check is implemented in the latest release. You guys rock! :-)

[2002-05-31 07:23 UTC] sniper@php.net

Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at 
http://www.php.net/downloads.php

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 26 17:01:30 2024 UTC